Has anyone written any code to look through the squid access log in
conjunction with fail2ban picking up TCP/DENIED 407 errors and then banning
the IP address?
Could be 1 way to do it
--------------------------------------------------
From: "Kinkie" <gkinkie_at_gmail.com>
Sent: Saturday, August 08, 2009 2:56 PM
To: "J Webster" <webster_jack_at_hotmail.com>; <squid-users_at_squid-cache.org>
Subject: Re: [squid-users] ban brute force attacks in squid through ncsa
> Hello,
> this kind of functionality does not really belong to Squid but to
> the authentication backend.
> Ncsa passwd check script are quite naive and usually do not provide
> that kind of protection.
>
> On 8/8/09, J Webster <webster_jack_at_hotmail.com> wrote:
>> Is there anything in squid to ban brute force attacks on usernames and
>> passwords via ncsa authentication?
>>
>>
>
>
> --
> /kinkie
>
Received on Wed Aug 12 2009 - 12:57:40 MDT
This archive was generated by hypermail 2.2.0 : Wed Aug 12 2009 - 12:00:02 MDT